package com.lk.sys.common.shiro;

import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;

@Configuration
public class SpringShiroConfig {

    /**配置shiro中的核心对象，安全管理器securityManager*/
    @Bean
    public SecurityManager securityManager(Realm realm){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(realm);
        return securityManager;
    }

    /**配置ShiroFilterFactoryBean
     * 基于此对象创建过滤工厂，通过过滤器工厂创建过滤器，通过过滤器对请求进行过滤
     * */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean (SecurityManager securityManager) {
        ShiroFilterFactoryBean sBean = new ShiroFilterFactoryBean();
        //设置安全管理器
        sBean.setSecurityManager(securityManager);
        //设置登陆页面url
        sBean.setLoginUrl("/doLoginUI");
        LinkedHashMap<String, String> map = new LinkedHashMap<>();
        //静态资源允许匿名访问:"anon"
        map.put("/bower_components/**","anon");
        map.put("/build/**","anon");
        map.put("/dist/**","anon");
        map.put("/plugins/**","anon");
        map.put("/user/doLogin", "anon");
        //除了匿名访问的资源,其它都要认证("authc")后访问
        map.put("/**","authc");
        //设置过滤规则
        sBean.setFilterChainDefinitionMap(map);
        return sBean;
    }
}
